Cybersecurity group Dr. Web and technology vertical Bleeping Computer made a shocking discovery in the Google Play Store. More than 100 apps hosted a nasty malware called SpinOK. The two most popular infected apps attracted more than 100 million downloads!
What two apps were they? Noizz: video editor with music and Zapya – File Transfer, Sharing. With SpinOK creeping into both apps, cybercriminals could access files, replace clipboard contents, and perform more devious malicious actions that will make your hair stand on end.
What is SpinOK and what does it do?
Dr. Web classified SpinOK as a spyware module that steals private data stored on victims’ devices and then sends the information to a remote server. SpinOK “demonstrates seemingly legitimate behavior,” according to Dr. Web, by implementing mini-games that lead to “daily rewards” to capture the interest of users.
However, behind the scenes, SpinOK is wreaking havoc on the device. You can search for particular files, load data from the target’s phone, and copy and replace the clipboard content. The latter is particularly unpleasant for cryptocurrency enthusiasts. Copying wallet addresses to send cryptocurrency from one wallet to another is a common practice in the cryptocurrency world. So if your copied wallet address is swapped with a hacker’s wallet address, you could lose your Bitcoin or whatever digital assets you’re sending. forever.
As mentioned, SpinOK can leak files, so victims’ private photos and videos are also at risk.
Where was SpinOK found?
As mentioned at the beginning, the two main applications that SpinOK infected were Noizz: video editor with music and Zapya – File Transfer, Sharing. Collectively, these apps drew over 200 million uploads, but there’s more where they came from.
SpinOK was found by tracking around 101 apps across Google Play and all of them were downloaded over 400 million times. You can find the full list of infected apps here.
Fortunately, all apps except were banned from the Google Play Store except for Zapya – File Transfer, Sharing. Why did Google keep it? Because the developer reportedly shipped a clean version of the app.
If any of these apps are lurking on your phone, it would be in your best interest to remove them from your phone immediately. And don’t forget to get one of the best mobile antivirus apps for your phone to dodge malicious threats like SpinOK (Bitdefender is a good one).